Date: Wed, 2 Mar 2005 16:33:16 -0800 (PST) From: "ALeine" <aleine@austrosearch.net> To: elric@imrryr.org Cc: crypto@metzdowd.com Subject: Re: FUD about CGD and GBDE Message-ID: <200503030033.j230XG4G086979@marlena.vvi.at>
next in thread | raw e-mail | index | archive | help
I must have missed this one before. elric@imrryr.org wrote: > Most of this started when I disputed some of the wild claims that > PHK has made about the security of GBDE. You have not disputed them, you have only confirmed the strengths of GBDE and exposed the issue of atomic writes. > Let me restate: > > In: > > http://www.bsdcan.org/2004/papers/gbde.pdf > > The claim is made that there is at least O(2^256) work to crack a > disk and O(2^384) to crack the disk if the lock sectors are > destroyed. Have you read PHK's paper located at: http://phk.freebsd.dk/pubs/bsdcon-03.gbde.paper.pdf > I do not believe that I need any credibility whatsoever to call > shenanigans on these outrageous claims. > > It is _plainly_obvious_ that if you encrypt 2^30 sectors each > with a different 128 bit key then there are at most 2^158 different > ways to decrypt the entire disk. Period. You need 2^128 steps to break the encryption of a single sector. But you have no idea which of the 2^128 sectors is the right one, so you store all of the 2^128 * 512 = 2^137 bytes. Right, which movie is this from? Imagine that you could do the same with the next sector... And you do this for 2^30 sectors and then figure out which of the 2^128^(2^30) sector variations is the right one? This is the worst case scenario for an attacker and it obviously is beyond anyone's dreams. You have to resort to attacking GBDE using knowledge about how it does encryption if you want to have any kind of realistic chance of breaking it. In the paper I mentioned PHK analyzed the attack vectors and what kind of threat each one of them represents. You act as if you could just brute force GBDE automatically. It cannot happen. ALeine ___________________________________________________________________ WebMail FREE http://mail.austrosearch.net
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200503030033.j230XG4G086979>